/** 
 * Copyright 2008 Gerard Toonstra 
 * 
 * As an exception, this particular file  
 * in the project is public domain to allow totally 
 * free derivations of this code. 
 *  
 */  
  
package com.bootdo.common.config.filter;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;

/** 
 * xss过滤器
 * @author xl 
 * 
 */  
public class XssFilter implements Filter {

	@Override
	public void init(FilterConfig filterConfig) throws ServletException {
		// TODO Auto-generated method stub
		
	}

	@Override
	public void doFilter(ServletRequest request, ServletResponse response,
                         FilterChain chain) throws IOException, ServletException {
		HttpServletRequest req = (HttpServletRequest) request;
		String url = req.getServletPath();
		if(url.contains("upload")){//例外，否则影响图片上传
			chain.doFilter(request, response);
		}else{
			XssHttpServletRequestWrapper xssRequest = new XssHttpServletRequestWrapper((HttpServletRequest) request);
			chain.doFilter(xssRequest, response);
		}
	}

	@Override
	public void destroy() {
		// TODO Auto-generated method stub
		
	}  
}  